Overview
Learning objectives
- Understanding and applying information security governance principles to establish and maintain an effective security framework.
- Demonstrating proficiency in risk management practices, including identifying, assessing, and mitigating information security risks.
- Developing and implementing an information security program aligned with organizational goals and regulatory requirements.
- Mastering incident management processes to effectively detect, respond to, and recover from security incidents.
- Enhancing skills in information security strategy development, including aligning security initiatives with business objectives.
- Understanding legal, regulatory, and compliance requirements related to information security.
- Developing expertise in information security management best practices and industry standards.
- Strengthening communication and leadership skills to effectively manage and lead information security teams.
- Applying knowledge of emerging technologies and trends in information security management.
- Demonstrating ethical and professional conduct in managing information security programs.
Who should attend this training
- Information security professionals seeking to advance their careers in security management.
- IT managers and executives responsible for overseeing information security initiatives.
- Security consultants looking to enhance their expertise in security governance and risk management.
- Compliance officers and auditors involved in assessing and ensuring compliance with security standards and regulations.
- Individuals aspiring to obtain the Certified Information Security Manager (CISM) certification.
- Professionals involved in developing and implementing information security policies and procedures within their organizations.
- Anyone interested in gaining comprehensive knowledge and skills in information security management principles and practices.
CISM certification is a globally recognized credential awarded by ISACA (Information Systems Audit and Control Association) to professionals who demonstrate expertise in information security management.
To be eligible for CISM certification, candidates must have at least five years of professional experience in information security management, with a minimum of three years of experience in three or more of the CISM domains.
The CISM exam covers four domains: Information Security Governance, Information Risk Management, Information Security Program Development and Management, and Information Security Incident Management.
Preparation for the CISM exam involves studying the exam content outline, utilizing official ISACA resources, textbooks, online courses, and practice exams, and participating in review courses or study groups.
The CISM exam is administered by ISACA and is available at Pearson VUE testing centers worldwide.
ISACA does not publish the passing score for the CISM exam. The score is determined through a psychometric analysis.
CISM certification is valid for three years. To maintain certification, CISM-certified professionals must earn and report Continuing Professional Education (CPE) credits each year and pay annual maintenance fees.
CISM certification demonstrates proficiency in information security management principles and practices, enhances career opportunities, and validates expertise in critical areas of information security.
To recertify, CISM-certified professionals must earn and report CPE credits each year and pay annual maintenance fees. Passing the CISM exam again is another option for recertification.
More information about CISM certification, including eligibility requirements, exam details, and study resources, can be found on the ISACA website.
Requirements
- Experience
- Domain Experience
- Adherence to the Code of Professional Ethics
- Passing the CISM Exam
- Continuing Professional Education (CPE)
Features
- Global Recognition
- Focus on Information Security Management
- Comprehensive Exam Content
- Demonstrates Expertise
- Career Advancement
- Continuing Professional Education (CPE)
- Adherence to Ethical Standards
Target audiences
- Information Security Managers
- IT Security Professionals
- Risk Management Professionals
- Compliance Officers and Auditors
- IT Governance Professionals
- Security Consultants